Security Directory

H

Hi, Cloud AG

hi1.ch

10

Hi, Cloud AG operates the Sovereign AI website, providing advanced AI workplace solutions, blockchain, and zero trust security services primarily targeting companies and government authorities in Switzerland. The company positions itself as a secure and innovative technology provider within the Swiss market. The website is professionally designed with consistent branding and clear navigation, reflecting a mature digital presence. Technically, the site uses a proprietary CMS platform with modern web standards, ensuring moderate performance and good mobile optimization. Security posture is strong with HTTPS enforced and basic security headers present, though there is room for improvement in implementing advanced headers and formal security policies. Privacy compliance is partial, with a comprehensive privacy policy but lacking cookie consent mechanisms. Contact information is clearly presented, enhancing business credibility. Overall, the website reflects a trustworthy and professional entity with a solid foundation in technology services.

K

Kantonales Gesundheitszentrum Appenzell

gzai.ch

49

The Kantonales Gesundheitszentrum Appenzell is a public healthcare institution providing comprehensive health and elderly care services to the population of Appenzell Innerrhoden, Switzerland. The website clearly communicates its role as a central health center offering ambulatory care, short-term and transitional care, and specialized services such as telemedicine emergency practice (MEAS). The institution targets local residents and patients requiring various levels of healthcare and support. The business model is focused on delivering reliable, community-centered healthcare services with a strong local presence. Technically, the website employs modern web technologies including JavaScript, asynchronous loading of analytics scripts (Matomo, Facebook Pixel, LinkedIn Insight Tag), and Google Maps API integration. The CMS used is Pimcore, indicating a professional content management approach. The site is mobile-optimized with good navigation and SEO practices, although accessibility features are basic. Performance is moderate, with room for optimization. From a security perspective, the site uses HTTPS with excellent SSL configuration, but lacks visible security headers such as Content-Security-Policy or X-Frame-Options. No vulnerabilities or exposed sensitive data were detected. Privacy compliance is partial; a comprehensive privacy policy is available, but no cookie consent mechanism or terms of service page was found. Incident response and vulnerability disclosure information are absent, suggesting areas for improvement. Overall, the website is trustworthy, professional, and well-aligned with the business it represents. The domain registration data supports legitimacy and consistency with the healthcare sector. Strategic recommendations include enhancing security headers, implementing cookie consent, and publishing security and incident response policies to strengthen compliance and trust.

P

Planeo Elektro

planeo.sk

10

Planeo.sk is a specialized electronics retailer operating primarily in Slovakia, offering a wide range of electronic products through its e-commerce platform. The website presents a professional and consistent brand image, targeting Slovak consumers interested in electronics with services such as discounts, premium delivery, gift vouchers, and installment purchases. The business appears well-established with a strong market position in the retail sector. Technically, the website employs modern analytics and marketing technologies including Google Tag Manager, Google Analytics, Cookiebot for consent management, and Luigis Box for user behavior tracking. The site is well-optimized for mobile devices and includes essential security headers and HTTPS enforcement, reflecting a mature digital infrastructure. Security posture is strong with no evident vulnerabilities or exposed sensitive data, though explicit security policies and incident response information are not publicly available. Privacy compliance is robust, leveraging Cookiebot for GDPR consent management, but the absence of visible contact information and terms of service pages suggests areas for improvement. Overall, the website is trustworthy, professionally maintained, and compliant with relevant privacy regulations, making it a reliable platform for consumers.

W

Home | Warcraft III Stats

wc3stats.com

47

The website wc3stats.com operates as a niche online platform dedicated to parsing and analyzing Warcraft III custom game replays. It provides users with detailed game and player statistics, including APM, ratings, and custom map metadata. The platform targets the Warcraft III gaming community, offering specialized analytics services that position it uniquely within the gaming statistics market. The business appears to be small and focused, founded in 2018, with no evident parent or subsidiary companies. Technically, the website employs modern web technologies such as Vue.js, Google Analytics, and Google Tag Manager, hosted on infrastructure associated with Amazon Registrar, Inc. The site demonstrates good mobile optimization and SEO practices, though accessibility features are basic. Performance is moderate, and the site uses HTTPS with a valid SSL configuration. However, DNSSEC is not enabled, and no security headers were detected, indicating room for security enhancements. From a security perspective, the site benefits from domain status locks that prevent unauthorized transfers or deletions, contributing to domain stability. No privacy or cookie policies are present, and no contact or incident response information is provided, which limits compliance with GDPR and general privacy best practices. No forms or data collection mechanisms are visible on the homepage, reducing immediate data exposure risks. The absence of a vulnerability disclosure policy or security.txt file suggests limited formal security communication channels. Overall, the website is functional, professionally designed, and trustworthy within its niche but lacks comprehensive privacy and security documentation. Strategic improvements in privacy compliance, security headers, and user contact transparency would enhance its security posture and user trust.

S

Stadtwerke Ahlen

baedergesellschaft-ahlen.de

56

The website represents Bädergesellschaft Ahlen, a municipal company under Stadtwerke Ahlen, providing public swimming pools, sauna, and related leisure services in Ahlen, Germany. It targets local residents and visitors seeking recreational bathing and sauna experiences. The business operates with a clear local focus and offers key services including Parkbad, Parksauna, Freibad, and an online shop. The website is professionally designed with consistent branding and good content quality, supporting a positive user experience. Technically, the site is built on the Neos CMS platform using PHP and JavaScript frameworks, including Flow and Bot Framework Webchat. It integrates Matomo analytics for privacy-conscious visitor tracking and employs a cookie consent mechanism compliant with GDPR. Hosting appears stable with legitimate nameservers. The site is mobile optimized and accessible, with good SEO practices. From a security perspective, the site uses HTTPS and has implemented cookie consent, but lacks explicit security headers and a published security policy or incident response contacts. No vulnerabilities or suspicious content were detected. WHOIS data aligns well with the business claims, showing a consistent and legitimate registration. Overall, the website demonstrates a solid digital presence with good privacy compliance and business credibility. Strategic improvements could include enhancing security headers and publishing a vulnerability disclosure policy to further strengthen trust and security posture.

A

Artikelparadis

artikelparadis.se

7

Artikelparadis is a Swedish article directory website established in 2011 and operated by Staffan Sundblad. It serves as a platform for users to submit and publish articles across a wide range of categories, aiming to be the largest Swedish article catalog. The website targets Swedish content creators and small businesses seeking online exposure through article publishing. Technically, the site uses basic HTML, CSS, and JavaScript without modern frameworks or CMS detected. The design is minimalistic with moderate performance and basic mobile optimization. Security posture is weak due to lack of HTTPS and security headers, and no privacy or cookie policies are present, indicating poor compliance with GDPR and other privacy regulations. The WHOIS query for the subdomain returned no data, raising concerns about domain registration consistency. Overall, the site is functional but requires significant improvements in security, privacy compliance, and technical modernization.

A

Appelhoff GmbH & Co. KG

appelhoff-unna-dbg.de

10

Appelhoff GmbH & Co. KG, operating under the DIE BADGESTALTER brand, is a specialized service provider in bathroom renovation and heating system installation based in Holzwickede, Germany. The company offers comprehensive services including planning, execution, and coordination with a focus on individual customer needs, fixed pricing, and guaranteed deadlines. As part of a larger network of over 130 specialized firms, it holds a strong regional market position with a professional and customer-centric approach. Technically, the website is built on the Marcapo Websitemanager CMS, employs modern web technologies, and integrates privacy-conscious analytics (Matomo) and user consent mechanisms. Security posture is solid with HTTPS and cookie consent but lacks explicit security policy documentation and security headers. Overall, the site is professional, trustworthy, and compliant with GDPR requirements.

V

Voigt GmbH

voigt-sanitaer.de

10

Voigt GmbH, operating under the brand DIE BADGESTALTER in Geesthacht, Germany, specializes in personalized bathroom renovations and heating system installations. The company emphasizes comprehensive customer service from initial consultation through project completion, offering fixed pricing and guaranteed deadlines. As part of a larger network of over 130 specialized firms under SHK eG, Voigt GmbH benefits from strong brand recognition and a broad partnership ecosystem. The website targets private customers seeking tailored bathroom and heating solutions, positioning itself as a trusted regional expert with a focus on quality and customer satisfaction. Technically, the website is built on the Marcapo Websitemanager CMS, employs Matomo for privacy-conscious analytics, and integrates third-party content such as Google Maps and YouTube videos with explicit user consent mechanisms. The site is mobile-optimized and well-structured, providing a good user experience and clear navigation. Security-wise, the site uses HTTPS and cookie consent but lacks explicit security headers and published incident response policies, indicating room for improvement in security transparency and hardening. Overall, the website and business present a credible, professional image with strong privacy compliance and moderate technical sophistication.

B

Bernd Himmels GmbH

himmels-heinsberg-dbg.de

10

Bernd Himmels GmbH operates as a specialist in bathroom renovation and heating system installation, providing comprehensive services from initial consultation to project completion. The company is part of the larger DIE BADGESTALTER brand network, which includes over 130 specialized firms across Germany and Austria, positioning it as a trusted local expert in Heinsberg. The website reflects a strong focus on personalized customer service, fixed pricing, and guaranteed deadlines, catering primarily to private and commercial customers seeking tailored bathroom and heating solutions. Technically, the website employs modern web technologies including Matomo analytics with privacy-conscious IP anonymization, Google Maps integration, and embedded YouTube videos, all managed via the Marcapo Websitemanager CMS. The site is mobile-optimized, accessible, and SEO-friendly, with a clear cookie consent mechanism and comprehensive privacy policy, indicating good compliance with GDPR requirements. Security posture is solid with HTTPS enforced and no visible vulnerabilities, though additional security headers and explicit security policies could enhance protection. Overall, the site presents a professional, trustworthy, and user-friendly digital presence aligned with the company's business objectives.

°

°celseo

celseo.de

10

°celseo is a leading cooperative network of large craft businesses in Germany specializing in heating, sanitary, climate, and electrical technology. With over 350 affiliated companies and 18,000 employees, it offers independent consulting and comprehensive services to private customers and trade professionals. The website is built on TYPO3 CMS, featuring a modern, responsive design with good SEO and accessibility features. Privacy and cookie policies are well implemented, ensuring GDPR compliance. Security posture is solid with HTTPS and cookie consent, though formal security policies and incident response contacts are absent. Overall, the site is professional and trustworthy, supporting a strong market position in the energy-related SHK sector.

The website itf-tkd.shop is a parked domain currently offered for sale via the Sedo domain marketplace. It contains minimal content, primarily advertising the domain sale and providing generic information in German. There is no active business or service presence on the site. The technical infrastructure relies on standard HTML5, CSS normalization, and Google Ads for monetization. The domain is registered through Spaceship, Inc. in Iceland, but the WHOIS data shows a creation date in the future (2025), indicating possible data inconsistency or placeholder registration. Security posture is minimal with no advanced headers or policies implemented, and privacy compliance is basic with only a Sedo privacy policy link available. Overall, the site lacks business credibility and trust indicators.

Z

Zentrum für Elementarpädagogik

zentrum-elementarpaedagogik.at

37

Zentrum für Elementarpädagogik is an Austrian educational organization specializing in elementary pedagogy training and services. The website presents a professional and well-structured platform primarily targeting educators and professionals interested in early childhood education. The technical infrastructure is based on WordPress with Elementor and Yoast SEO, indicating a moderate level of digital maturity. Performance and mobile optimization are adequate, though accessibility features are basic. Security posture is acceptable with HTTPS enabled but lacks advanced security headers and visible incident response policies. Privacy compliance is weak due to the absence of privacy and cookie policies. Overall, the website is functional and trustworthy but would benefit from enhanced security and compliance measures.

G

Golfshop4you

golfshop4you.cz

54

Golfshop4you.cz is a specialized retail business focused on golf equipment and accessories, operating both an e-commerce platform and a physical store in Prague, Czech Republic. The company offers a wide range of products including golf clubs, bags, balls, clothing, shoes, and related accessories, complemented by services such as fitting and equipment servicing. Their market position is that of a niche, trusted golf retailer serving golf enthusiasts in the Czech market. Technically, the website is built on the Shoptet e-commerce platform, leveraging modern JavaScript libraries, Google Analytics, and Facebook SDK for marketing and analytics, with good mobile optimization and accessibility. Security posture is solid with HTTPS enforced and cookie consent mechanisms in place, though some security headers could be improved and outdated libraries updated. Privacy compliance is strong, with clear GDPR policies and cookie consent banners. Overall, the site is professional, trustworthy, and well-structured, though domain WHOIS data is unavailable, which slightly limits trust verification. Strategic recommendations include enhancing security headers, updating JavaScript libraries, and publishing explicit security and incident response policies.

I

Italieonline s.r.o

olaszorszagonline.hu

42

Italieonline s.r.o operates a professional online travel agency website focused on Italian holidays, offering a wide range of accommodation options including apartments, hotels, and camping sites. The company has a strong market presence since 1997 and is a member of multiple reputable travel associations, enhancing its credibility. The website targets Hungarian-speaking travelers and provides multilingual support through sister sites in various European languages. Technically, the site employs modern web standards, responsive design, and Google Analytics for user tracking, with a cookie consent mechanism in place. Security posture is good with HTTPS enabled and no visible vulnerabilities, though some security headers and policies could be improved. Overall, the site is well-structured, user-friendly, and trustworthy for its intended audience.

I

Italieonline s.r.o

wlochyonline.pl

36

Italieonline s.r.o operates a professional online travel agency website focused on vacations in Italy, offering a wide range of accommodations including apartments, hotels, and camping sites. The company targets Polish-speaking travelers and has a strong presence in multiple European markets through related language sites. The business is well-established since 1997 and is a certified member of several travel associations, enhancing its market credibility. Technically, the website uses modern web technologies, responsive design, and integrates Google Analytics for tracking. Security posture is good with HTTPS enabled and cookie consent implemented, though security headers could be improved. No critical vulnerabilities or suspicious content were detected. Overall, the site is professional, trustworthy, and compliant with GDPR requirements.

I

Italieonline s.r.o

talianskoonline.sk

10

Italieonline s.r.o operates a professional online travel agency website specializing exclusively in holidays in Italy, offering a wide range of accommodations including apartments, hotels, and campsites for both summer and winter vacations. The company has a strong market presence in Slovakia and neighboring Central European countries, supported by multiple language versions and membership in reputable travel associations. The website demonstrates a good level of digital maturity with modern technologies, responsive design, and SEO optimization. Security posture is solid with HTTPS and cookie consent mechanisms, though some security headers could be improved. Overall, the site is trustworthy and well-positioned in its niche.

I

Italieonline s.r.o

italieonline.cz

11

Italieonline s.r.o is a well-established Czech travel agency specializing exclusively in holidays in Italy, offering a wide range of accommodations including apartments, hotels, and campsites. The company has been operating since 1997 and holds multiple certifications from national travel associations, reinforcing its market credibility. The website targets Czech and Slovak tourists and provides multilingual support through partner domains for other European markets. Technically, the website employs modern web standards, uses Google Analytics and Tag Manager for tracking, and is hosted on a Czech hosting provider. Security posture is good with HTTPS enforced and cookie consent implemented, though some security headers and policies could be improved. Overall, the site is professional, user-friendly, and trustworthy, with no signs of malicious or adult content.

L

Logista d.o.o.

logista.hr

10

Logista d.o.o. is a medium-sized Croatian company specializing in distribution and telecommunications services, including tobacco product distribution, mobile technology, and B2B telecommunications support. The company has a strong market position in Croatia, recognized among the top 400 companies and listed by the London Stock Exchange as an inspiring European business. Their key services include JTI tobacco distribution, A1 telecommunications support, and e-distribution services. The website is professionally designed, mobile-optimized, and uses modern tracking and analytics tools. Hosting is provided via Oracle Cloud, and the site employs HTTPS with reCAPTCHA for security. However, there is no publicly available security policy or incident response information, which could be improved. Overall, the website is trustworthy and well-maintained, with clear contact information and GDPR-compliant cookie consent.

T

Trophy Monster

trophymonster.com

56

Trophy Monster is a UK-based e-commerce retailer specializing in trophies, medals, plaques, cups, and awards with custom printing services. Established in 2016, the company targets sports clubs, schools, corporate clients, and individuals seeking quality awards. The website demonstrates a professional design with clear navigation and multiple language support, indicating an international market presence. Technically, the site uses modern JavaScript features, Google Analytics, and Google Ads for marketing and tracking, hosted on AWS infrastructure. Security posture is solid with HTTPS enforced and no visible vulnerabilities, though DNSSEC is not enabled and security policies are not explicitly published. Overall, the domain registration aligns well with the business claims, supporting legitimacy and trustworthiness.

P

Pokale Bauer

pokale-bauer.at

70

Pokale Bauer is a regional e-commerce and retail business specializing in the production and sale of sports trophies, medals, plaques, and custom awards. The company operates multiple physical stores across Austria, Czech Republic, Germany, and serves customers online with multilingual support. Their business model focuses on custom printing starting from a single piece, targeting sports clubs, event organizers, and individual customers. The website demonstrates a solid market position with trust signals such as verified Trustpilot reviews and active social media presence. Technically, the website uses modern web technologies including lazy loading, IntersectionObserver API, Google Tag Manager, and Google Analytics for tracking. The site is mobile optimized with good SEO practices and structured data implementation. Performance is moderate with room for improvement in accessibility and security headers. Security posture is good with HTTPS enforced and nonce usage in scripts, but lacks explicit security headers and a cookie consent mechanism. No vulnerabilities or exposed sensitive data were detected. Privacy compliance is basic with a privacy policy present but no visible cookie consent banner. Business credibility is high due to clear contact information, physical store locations, and trust indicators. Overall, the website is professional, trustworthy, and functional with recommendations to enhance security headers, implement cookie consent, and publish incident response policies to improve compliance and security maturity.

O

Organikk

organikk.cz

55

Organikk.cz is a Czech Republic based e-commerce platform specializing in sustainable lifestyle products including household items, personal care, kitchenware, dental care, and fashion accessories. The company emphasizes eco-friendly, chemical-free, and plastic-free products, supporting small producers and environmental causes. The website is professionally designed with clear navigation, comprehensive product information, and customer testimonials, positioning Organikk as a niche leader in sustainable retail within its market. Technically, the site runs on the Shoptet platform, uses modern analytics and marketing tools with GDPR-compliant cookie consent, and maintains a good security posture with HTTPS and CSRF protections. However, the WHOIS data is unavailable, limiting domain trust assessment. Overall, Organikk demonstrates a mature digital presence with room for security header enhancements and updated libraries.

C

CHASING

chasing.com

47

CHASING operates as a technology company specializing in the design and sale of innovative underwater drones targeting both consumer and light-industrial markets. Their website presents a professional and modern digital presence, leveraging advanced JavaScript frameworks and multiple analytics and marketing tools to engage users globally. Despite the lack of WHOIS registration data, the site demonstrates a credible e-commerce platform with clear product offerings and a consistent brand image. The technical infrastructure is robust with HTTPS and content security policies in place, though additional security headers could enhance protection. Privacy compliance is limited, with no explicit privacy or cookie policies detected, which may pose compliance risks. Overall, the business appears legitimate but would benefit from improved transparency and security practices.

P

Private Pädagogische Hochschule Augustinum

pph-augustinum.at

46

Private Pädagogische Hochschule Augustinum is a reputable Austrian higher education institution specializing in teacher training, continuing education, and educational research. The website reflects a well-established organization with a clear focus on pedagogical sciences and international cooperation. Their market position is regional with a strong emphasis on quality education and sustainability, as evidenced by their Österreichisches Umweltzeichen certification. Technically, the website is built on a modern CMS (ProcessWire) with a clean HTML5 and CSS3 codebase, enhanced by JavaScript libraries such as Flickity for UI components. The site is mobile-optimized, accessible, and SEO-friendly, though some improvements in security headers and cookie consent mechanisms are recommended. Security posture is solid with HTTPS enforced and no visible vulnerabilities or exposed sensitive data. However, the absence of security headers and incident response information suggests room for improvement in security maturity. Privacy compliance is good, with a comprehensive privacy policy and GDPR adherence, but lacks a cookie consent mechanism. Overall, the website presents a professional, trustworthy, and content-rich platform suitable for its educational audience. Strategic enhancements in security and privacy compliance would further strengthen its posture and user trust.

The Industrie- und Handelskammer Lüneburg-Wolfsburg (IHK Lüneburg-Wolfsburg) is a regional chamber of commerce serving approximately 70,000 commercial enterprises across multiple districts in Germany. The website provides comprehensive business consulting, educational programs, networking opportunities, and advocacy services tailored to the regional business community. It positions itself as a key economic stakeholder and resource for local businesses. Technically, the website is built on the CoreMedia CMS platform, utilizing modern JavaScript libraries, cookie consent management via Cookiebot, and analytics through eTracker. The site is well-structured, mobile-optimized, and accessible, with clear navigation and professional design. Security posture is strong with HTTPS enforced and CSRF protections in place, though explicit security policies and incident response contacts are not published. Overall, the site is trustworthy, compliant with GDPR, and provides transparent contact and social media channels.

O

OKsystem a.s.

oksystem.com

67

OKsystem a.s. is a well-established Czech IT company specializing in custom software development, IT services, and training with over 35 years of market presence. The company targets private firms and public administration, offering innovative, secure, and reliable software solutions. Their market position is strong, supported by a large customer base and official partnerships such as the Czech national pavilion at EXPO 2025. Technically, the website employs modern web technologies including HTML5, CSS3, JavaScript, Google Tag Manager, and reCAPTCHA, with good mobile optimization and SEO practices. Security posture is solid with HTTPS and cookie consent mechanisms, though security headers and explicit incident response policies are not evident. The absence of WHOIS data for the .com domain is a concern but may be due to privacy or alternative domain usage. Overall, the website is professional, trustworthy, and compliant with GDPR.

F

ForCamping s.r.o.

4camping.cz

73

ForCamping s.r.o. operates 4camping.cz, a leading Czech retailer specializing in outdoor and camping equipment. The company combines e-commerce with a network of 21 physical stores, offering over 12,000 products. The website targets outdoor enthusiasts, hikers, cyclists, and families, positioning itself as a market leader with recognized awards such as ShopRoku. The business model focuses on providing a comprehensive product range with customer advisory services and a loyalty program. Technically, the website employs modern web technologies including JavaScript, Google Tag Manager, and a proprietary e-commerce framework named Asgard. The site is mobile-optimized, accessible, and SEO-friendly, with a moderate performance profile. Security posture is solid with HTTPS enforced and cookie consent mechanisms in place, though some security headers could be improved. The absence of WHOIS data limits full domain legitimacy verification, but the professional presentation and business presence support trust. Overall, the site is well-structured, user-friendly, and compliant with GDPR requirements.

T

TESCOMA

tescoma.cz

64

TESCOMA.cz is a professional e-commerce website specializing in kitchenware products, offering a wide range of items for cooking, baking, and dining. The site targets consumers interested in quality kitchen supplies and operates both online and through physical stores, positioning itself as a reputable brand in the Czech Republic retail market. The website employs modern web technologies including React (Next.js), personalization tools like Persoo, and tracking services such as Microsoft Clarity and Facebook Pixel, indicating a mature digital infrastructure. Security posture is solid with HTTPS enforced and cookie consent implemented, though the absence of explicit security headers and privacy policy documentation suggests room for improvement. The lack of WHOIS data limits domain registration trust analysis, but the overall professional presentation and contact information support legitimacy. Strategic recommendations include enhancing security headers, publishing privacy and security policies, and providing vulnerability disclosure information to strengthen trust and compliance.

W

Wolters Kluwer ČR, a. s.

rodicevitani.cz

55

The website www.rodicevitani.cz serves as the official platform for the 'Rodiče vítáni' certification, a recognized mark for schools in the Czech Republic that foster positive communication and trust with parents. The project is managed under Wolters Kluwer ČR, a reputable company, and targets educational institutions and parents seeking quality assurance in school-family relations. The site provides information on certification criteria, renewal processes, and contact support, positioning itself as a trusted resource in the Czech education sector. From a technical perspective, the website employs modern frontend technologies including Bootstrap 5 and integrates Google Tag Manager for analytics and consentmanager.net for cookie consent management. The site is mobile optimized with a clear navigation structure and professional design, although some accessibility and SEO enhancements could be made. The absence of detected CMS or hosting details limits deeper infrastructure insights. Security-wise, the site uses HTTPS and implements cookie consent mechanisms, but lacks visible security headers and explicit incident response or vulnerability disclosure information. No critical vulnerabilities or exposed sensitive data were detected. The WHOIS data is unavailable, likely due to privacy protection, which is common for corporate domains but limits domain age verification. Overall, the site demonstrates a moderate security posture with room for improvement in headers and transparency. The overall risk assessment is low, with the site appearing legitimate, professionally maintained, and compliant with GDPR requirements. Strategic recommendations include enhancing security headers, improving accessibility, and publishing vulnerability disclosure or incident response policies to strengthen trust and security culture.

The domain e-svatek.cz is newly registered in March 2024 and currently serves as a parked domain with no active business content or services. The website primarily displays a domain-for-sale message and embeds an iframe from an external source, likely for monetization purposes. There is no privacy policy, cookie policy, terms of service, or contact information available, which significantly limits the site's credibility and user trust. The technical infrastructure is minimal, with basic HTML, CSS, and JavaScript, and no detected CMS or advanced frameworks. Security posture is weak due to lack of HTTPS enforcement and absence of security headers. Advertising scripts and tracking pixels from third-party ad networks are present, indicating monetization attempts but with poor transparency.

E

Ed. Züblin AG

strabag-teamconcept.com

61

Ed. Züblin AG operates the TEAMCONCEPT® platform, a pioneering construction partnering model in Germany with over 25 years of experience. The company focuses on holistic project planning, digital innovation, transparency, trust, and sustainability to deliver efficient construction projects. The website reflects a mature digital presence with professional design, clear navigation, and comprehensive content targeting construction industry stakeholders. Technically, the site uses modern JavaScript libraries, privacy-conscious analytics (Matomo), and a robust cookie consent mechanism (OneTrust), hosted on AWS infrastructure. Security posture is strong with HTTPS enforced and no visible vulnerabilities, though some security headers could be improved. Privacy compliance is well addressed with GDPR-aligned policies and consent mechanisms. Overall, the domain and website content are consistent with the business claims, indicating a trustworthy and professional online presence.

Č

České priority

pank.cz

46

PANK is a specialized research and advisory project operated by the Czech non-profit organization České priority, focusing on enhancing knowledge work and informed decision-making within Czech public administration. The website serves as a resource hub offering guides, case studies, and recommendations tailored for teams in government organizations. The project is supported by the Technological Agency of the Czech Republic, indicating credible backing and alignment with national research priorities. Technically, the website is built using modern frameworks such as Quarto and Bootstrap, with privacy-conscious analytics via Matomo configured to respect DoNotTrack and disable cookies. The site is well-structured, mobile-optimized, and provides a professional user experience with clear navigation and relevant content. Security posture is good with HTTPS enforced and no visible vulnerabilities or exposed sensitive data, though explicit security headers and formal policies like privacy and cookie policies are missing, representing areas for improvement. Overall, the domain registration data is consistent with the website's purpose and origin, supporting legitimacy and trustworthiness.

I

Informované vládnutí | České priority

informovanevladnuti.cz

53

The website 'Informované vládnutí | České priority' presents a government-related initiative focused on evidence-based policymaking to address 21st-century challenges such as automation, demographic changes, and environmental protection. The site is built on the Wix platform, leveraging modern JavaScript technologies and polyfills to ensure compatibility and performance. The technical infrastructure is moderate in performance with good mobile optimization but basic accessibility and SEO features. Security posture is solid with HTTPS enforcement and JavaScript hardening, though explicit security headers are missing. Privacy and cookie policies are not found, and no contact or business registration information is visible, which impacts trust and compliance assessments. The absence of WHOIS data limits domain legitimacy verification. Overall, the site appears professional and safe but would benefit from enhanced transparency and compliance documentation.

P

Poháry Bauer

pohary-bauer.cz

53

Poháry Bauer is a Czech-based company specializing in the manufacture and sale of sports trophies, medals, plaques, and figurines. The company operates both an e-commerce platform and multiple physical stores across the Czech Republic and neighboring countries, targeting sports clubs, event organizers, and individuals seeking sports awards. Their business model includes custom production and printing services starting from a single piece, positioning them as a leading supplier in their niche market. The website is professionally designed with good navigation, mobile optimization, and SEO practices, reflecting a mature digital presence. Technically, the website employs modern JavaScript libraries, Google Tag Manager, and structured data for SEO enhancement. It uses HTTPS with a good SSL configuration and includes accessibility features. The site integrates tracking tools with consent management, indicating a basic level of privacy compliance. However, explicit privacy and security policy pages are limited, and WHOIS data for the domain is unavailable, which slightly impacts trust assessment. From a security perspective, the site enforces HTTPS and uses Google’s analytics and advertising tools with consent restrictions. No critical vulnerabilities or exposed sensitive data were detected. Security headers are assumed but not explicitly visible in the HTML. The absence of a dedicated security policy or vulnerability disclosure page suggests room for improvement in security transparency. Overall, Poháry Bauer presents a trustworthy and professional online presence with a solid business foundation. The lack of WHOIS data and limited explicit privacy/security policies are minor concerns. Strategic recommendations include enhancing security headers, publishing clear security and privacy policies, and establishing a vulnerability disclosure process to further strengthen trust and compliance.

A

ABX software s.r.o.

abxharsys.cz

53

ABX software s.r.o. operates the website abxharsys.cz, offering a premium point-of-sale (POS) system tailored for restaurants and hospitality businesses primarily in the Czech Republic. Their product emphasizes ease of use and operational efficiency for restaurant management. The company positions itself as a niche provider within the hospitality technology sector, targeting small to medium-sized restaurant operators. The website content is professionally presented, with clear branding and relevant business information, although explicit contact details and legal policies are not prominently available. Technically, the website employs modern web standards including HTML5, CSS3, and JavaScript, integrating third-party services such as Google Tag Manager, Cookiebot for cookie consent management, and Limetalk for live chat support. The site uses HTTPS with strong SSL configuration and leverages Cloudflare services inferred from cookies and scripts, enhancing security and performance. Mobile optimization and SEO practices are good, contributing to a positive user experience. From a security perspective, the site demonstrates good practices such as HTTPS enforcement and comprehensive cookie consent with granular user controls. However, the absence of explicit security headers and a published security policy or incident response contact reduces the overall security maturity. No vulnerabilities or exposed sensitive data were detected in the analysis. The lack of WHOIS data due to privacy protection is noted but is not uncommon for small software companies and does not significantly detract from legitimacy given the professional web presence. Overall, the website presents a low-risk profile with solid business credibility and technical implementation. Strategic recommendations include publishing privacy and terms of service documents, enhancing security headers, and providing explicit security and incident response information to further strengthen trust and compliance.

P

UNSERE HALTUNG | DIE SCHWEIZER CASINOS

playerprotection.ch

62

The website www.playerprotection.ch appears to be a small Swiss business focused on player protection services. The site is built using the Wix platform and hosted on Wix infrastructure, utilizing standard Wix scripts and Sentry for error monitoring. The business content is minimal and lacks detailed descriptions, contact information, or formal policies such as privacy or cookie policies. The technical infrastructure is modern but basic, with moderate performance and mobile optimization. Security posture is adequate with HTTPS enabled and some monitoring tools, but lacks comprehensive security headers and formal security policies. Overall, the site presents a low to moderate risk profile but would benefit from enhanced transparency and compliance documentation.

The Industrie- und Handelskammer Lüneburg-Wolfsburg (IHK Lüneburg-Wolfsburg) is a regional chamber of commerce serving approximately 70,000 businesses across several districts in Germany. The website provides comprehensive information and services including business consulting, education, networking, and support for startups. It targets businesses and entrepreneurs in the Lüneburg-Wolfsburg region, positioning itself as a key regional economic facilitator. Technically, the website is built on the CoreMedia CMS platform and integrates modern web technologies including JavaScript, CSS, and HTML5. It employs third-party services such as eTracker for analytics, CCM19 for cookie consent management, and Userlike for chat support. The site is mobile-optimized, accessible, and SEO-friendly, with a moderate performance profile. From a security perspective, the site enforces HTTPS, uses CSRF tokens in forms, and provides a granular cookie consent mechanism. However, it lacks publicly visible security policies, incident response contacts, and security headers which could enhance its security posture. No vulnerabilities or exposed sensitive data were detected. Overall, the website is professional, trustworthy, and compliant with GDPR requirements. It effectively serves its audience with relevant content and clear contact information. Strategic improvements in security transparency and incident response readiness are recommended to further strengthen trust and resilience.

E

EVIDENT GmbH

evident.de

47

EVIDENT GmbH is a German company specializing in dental practice management software, targeting dental professionals and clinics. The website is built on WordPress using the Divi theme and includes event calendar functionality. The technical infrastructure is modern but shows room for improvement in security headers and privacy compliance. The security posture is moderate with no critical vulnerabilities detected but lacks explicit security policies and incident response information. Overall, the website is professional and safe, but enhancements in privacy and security transparency are recommended.

A

Agencija za komercijalnu djelatnost proizvodno, uslužno i trgovačko d.o.o.

e-red.hr

56

The website e-red.hr represents a Croatian service platform focused on appointment scheduling and online ordering for agencies such as AKD and HZMO. It targets Croatian users seeking to book appointments with these agencies. The business operates in a niche local market with a small company profile. Technically, the site is built using React and modern JavaScript technologies, delivering a moderate performance and good mobile optimization. The presence of Segment analytics indicates moderate user tracking. Security posture is adequate with HTTPS enforced but lacks advanced security headers and explicit security policies. Privacy and cookie policies are present and indicate GDPR compliance. Overall, the site is professional and trustworthy with room for improvement in security and transparency.

S

Service-Bund GmbH & Co. KG

servicebund.de

58

Service-Bund GmbH & Co. KG is a well-established family-owned group founded in 1973, specializing in wholesale food and non-food products for professional kitchens, including gastronomy, hotels, and large-scale catering. The company operates through a consortium of regional subsidiaries across Germany and Austria, providing tailored delivery services and an online webshop. Their market position is strong within the hospitality sector, emphasizing quality, regional partnerships, and flexible service. Technically, the website is built on the Neos CMS platform using the Flow PHP framework, with modern JavaScript and Matomo analytics integration. The site is mobile-optimized, accessible, and SEO-friendly, reflecting a mature digital infrastructure. Security posture is good with HTTPS enforced and no visible vulnerabilities, though explicit security headers and policies could be improved. Privacy compliance is limited due to missing explicit privacy and cookie policies. Overall, the website is professional, trustworthy, and business-focused, with clear contact information and comprehensive structured data.

T

TNX s.r.l.

avatable.com

48

AVATABLE is a specialized SaaS provider offering a comprehensive restaurant booking management system integrated with a website solution. The company, TNX s.r.l., targets restaurants, pizzerias, fast food outlets, and event organizers primarily in Italy. Their platform includes a booking engine, table and room management, digital menus, CRM capabilities, marketing automation, and delivery integration. The website is professionally designed, mobile-optimized, and provides clear navigation and relevant content for its target audience. Technically, the site uses modern web technologies including jQuery, Bootstrap, and various JavaScript libraries, with good SEO and performance characteristics. Security posture is solid with HTTPS enforced and no obvious vulnerabilities, though explicit security headers and incident response policies are absent. Privacy and cookie policies are present and GDPR compliant. WHOIS data is missing, which reduces trust slightly but the overall business presence and content quality support legitimacy.

O

Ordinalo

ordinalo.net

52

Ordinalo is an Italian-based software service provider specializing in take away and food delivery management solutions for restaurants and food businesses. The company offers a comprehensive SaaS platform including a website, mobile apps for Android and iOS, order management, delivery rider coordination, digital menus with QR codes, and marketing tools such as push notifications. Ordinalo positions itself as a niche player enabling restaurants to disintermediate from large food delivery platforms and build direct customer relationships. The website is professionally designed, content-rich, and targets small to medium-sized food service businesses in Italy. Technically, the site uses modern web technologies and integrates analytics and tracking tools, but lacks some advanced security headers and a published security policy. The WHOIS data is unavailable, which slightly reduces domain trustworthiness, but the overall business credibility is supported by clear contact information, client logos, and active social media presence. Privacy and cookie policies are implemented with consent mechanisms, indicating GDPR awareness. Overall, Ordinalo presents a solid digital presence with room for security and compliance improvements.

U

University of York

york.ac.uk

68

The University of York is a prestigious UK academic institution, part of the Russell Group, offering outstanding teaching and research services. The website reflects a mature digital presence with comprehensive content targeting prospective and current students, researchers, and academic staff. The site is well-branded and professionally maintained, emphasizing its academic reputation and community engagement. Technically, the site employs modern web technologies and multiple analytics and marketing tools to optimize user experience and engagement. Security posture is strong with HTTPS enforcement, security headers, and no visible vulnerabilities. Privacy compliance is well addressed with clear policies and consent mechanisms. Overall, the domain and website present a trustworthy and credible academic entity.

The website www.bmj.com is currently inaccessible due to a Cloudflare Turnstile security challenge page that requires human verification before content can be accessed. This prevents extraction of meaningful business, technical, or security information from the site content. The domain WHOIS lookup returned no registration data, which is unusual for a well-known domain and may indicate privacy protection or query limitations. Due to these access restrictions, the technical infrastructure appears to rely on Cloudflare for security and DDoS protection, but no further details can be confirmed. The security posture cannot be fully assessed, but the presence of a WAF challenge indicates some level of protection. Overall, the site cannot be fully analyzed until the security challenge is bypassed or removed.

F

Fakat

fakat.eu

41

Fakat is a Croatian event agency specializing in comprehensive ideation, organization, and production services for a wide range of events including campaigns, festivals, concerts, exhibitions, corporate events, conferences, and sports events. The company positions itself as a full-service partner offering turnkey solutions and hardware rental with professional staffing. The website is well-structured, professionally designed, and targets businesses and individuals seeking event management services. Technically, the site uses modern web technologies including HTML5, CSS3, JavaScript, jQuery, and the Gumby framework, with Google Analytics integrated for visitor tracking. However, there is no evidence of a CMS or hosting provider details. Security posture is moderate with no visible security headers or HTTPS verification, and privacy compliance is low due to missing privacy and cookie policies. Contact information is clearly presented, including company email and phone, along with active social media profiles. WHOIS data is unavailable due to EURid privacy policies, but no suspicious indicators are present. Overall, the site is functional and professional but would benefit from improved security and privacy compliance.

The website kera-term.hr is currently inaccessible due to a Cloudflare Turnstile security challenge page that blocks access to the actual content. As a result, no business information, contact details, or policies are available for analysis. The site appears to be protected by Cloudflare's security services, indicating an intent to prevent automated access or attacks. However, this also limits the ability to assess the site's content quality, technical infrastructure, or security posture comprehensively. The lack of visible metadata, forms, or external business links further restricts insight into the company's operations or market position. Overall, the site is currently in a state that prevents meaningful evaluation beyond the presence of a security mechanism.

H

Hrvatske autoceste d.o.o.

hac.hr

57

Hrvatske autoceste d.o.o. is a Croatian state-owned company responsible for the management, construction, and maintenance of highways in Croatia. The website serves as an information portal for motorway users, offering details on tolls, traffic conditions, and related services. It targets both individual drivers and commercial transport operators, positioning itself as the primary authority for highway infrastructure in Croatia. The company provides electronic toll collection services and real-time traffic updates through dedicated mobile applications. Technically, the website is built using modern web technologies including Vue.js, with a responsive design optimized for mobile devices. Security measures include HTTPS enforcement and CSRF token implementation, alongside a comprehensive cookie consent mechanism. However, some security headers are not evident, and no explicit security or incident response policies are published. Overall, the site demonstrates a good balance of usability, compliance, and professionalism, supporting the company's role as a trusted public infrastructure provider.

N

NPS Catalyst Press

npscp.info

56

NPS Catalyst Press is a small informational website dedicated to providing detailed articles and guides on LLC formation services and business startup processes across various US states. The site targets entrepreneurs and small business owners seeking reliable and comprehensive information to facilitate their business formation journey. The business model is primarily content publishing, focusing on niche legal and compliance topics related to LLCs. Technically, the website is built with standard HTML5, CSS3, and JavaScript, featuring a modern, responsive design optimized for mobile devices. While no CMS or advanced frameworks are detected, the site maintains good usability and navigation clarity. Performance is moderate, with no evident third-party analytics or advertising scripts, indicating a lightweight infrastructure. From a security perspective, the site uses HTTPS (implied by URL scheme though SSL configuration details are unavailable), but lacks visible security headers and cookie consent mechanisms. No exposed sensitive data or vulnerabilities are detected in the content or forms. Privacy compliance is basic, with a privacy policy and terms of service present but no cookie policy or GDPR-specific indicators. Contact information is limited to a contact form, with no direct emails or phone numbers provided. Overall, the website presents a moderate risk profile with no critical security issues but room for improvement in privacy compliance and security best practices. Strategic recommendations include implementing security headers, adding cookie consent, enhancing contact transparency, and formalizing security and incident response policies to strengthen trust and compliance.

V

Varaždinska županija

varazdinska-zupanija.hr

44

Varaždinska županija operates as the official regional government portal for the Varaždin County in Croatia, providing a broad range of public services and information to its citizens. The website offers comprehensive content including administrative details, public tenders, news, multimedia, and support programs. It targets residents and stakeholders within the region, positioning itself as a trusted government information source. The business model is centered on public service and transparency, with a medium-sized organizational footprint typical of regional government entities. Technically, the website is built on Joomla CMS with Bootstrap and jQuery frameworks, ensuring a responsive and accessible user experience. The site incorporates accessibility tools and maintains good SEO and mobile optimization standards. Performance is moderate, with no critical technical issues detected. The infrastructure supports secure HTTPS connections and employs modern web standards. From a security perspective, the site demonstrates a strong posture with HTTPS enforcement, security headers, and secure form handling. Privacy compliance is robust, featuring clear privacy and cookie policies with consent mechanisms aligned with GDPR requirements. However, the absence of a dedicated security policy page, incident response contacts, and vulnerability disclosure mechanisms suggests areas for improvement in security transparency and incident readiness. Overall, the website is a professional, trustworthy, and secure government portal with high content quality and user experience. Strategic enhancements in security policy publication and incident response communication would further strengthen its security maturity and public trust.

Z

Zadar region tourist board

zadar.hr

61

The website www.zadar.hr serves as the official tourism portal for the Zadar region in Croatia, managed by the regional tourist board. It provides comprehensive information about destinations, experiences, events, and travel planning to attract and assist tourists. The site is well-positioned as an authoritative source for regional tourism, supported by a long-established domain and official Croatian registrars. Technically, the site uses modern web technologies including Vue.js and integrates popular analytics and tracking tools such as Google Analytics, Facebook Pixel, and TikTok Pixel. The site is mobile-optimized and offers a rich user experience with clear navigation and multilingual support. Security posture is good with HTTPS enforced and no visible vulnerabilities, though some security headers and explicit security policies are absent. Privacy and cookie policies are present with consent mechanisms, indicating GDPR compliance. Overall, the site is professional, trustworthy, and well-maintained, supporting the regional tourism business effectively.

P

Plus Hosting Grupa d.o.o.

opencity.hr

44

openCity Hrvatska is a Croatian public sector project aimed at promoting the opening of public sector data in line with EU standards. The website provides interactive visualizations to make public information easily understandable for citizens. The project targets Croatian government entities and the general public interested in transparent data access. The business model focuses on government data transparency and public engagement through digital tools. The website is relatively small in scale, founded in 2018, and hosted by Plus Hosting Grupa d.o.o. The content is primarily in Croatian and is professionally presented with good navigation and mobile optimization. Technically, the website uses modern web technologies including HTML5, CSS3, JavaScript, jQuery, CartoDB, and Leaflet for mapping. It integrates Google Analytics and Facebook SDK for analytics and social media engagement. Hosting is provided by a Croatian registrar consistent with the domain registration data. Performance is moderate with room for improvement in accessibility and SEO. From a security perspective, the site uses HTTPS and avoids exposing sensitive data. However, it lacks important security headers and formal security policies such as incident response or vulnerability disclosure. Privacy compliance is weak due to the absence of privacy and cookie policies or consent mechanisms. The WHOIS data is consistent and indicates a legitimate registration aligned with the website's purpose. Overall, the website is functional and trustworthy for its niche but should improve privacy compliance and security best practices to enhance user trust and regulatory adherence.